在Linux系统中,用户主目录和锁定上传目录是两个非常重要的概念,用户主目录是每个用户在系统中的个人空间,用于存储用户的配置文件、数据等,锁定上传目录则是为了保护系统安全,防止恶意用户上传恶意文件,本文将详细介绍如何在Linux下修改用户主目录和锁定上传目录。
修改用户主目录
1、查看当前用户主目录
要修改用户主目录,首先需要查看当前用户的主目录,在终端中输入以下命令:
echo $HOME
2、修改用户主目录
要修改用户主目录,需要编辑/etc/passwd
文件,打开终端,输入以下命令以使用文本编辑器(如vim)打开/etc/passwd
文件:
sudo vim /etc/passwd
在打开的文件中,找到与当前用户名对应的一行,
username:x:1001:1001:User Name:/home/username:/bin/bash
/home/username
就是当前用户的主目录,要修改主目录,只需将其更改为新的路径即可,将主目录更改为/newhome
:
username:x:1001:1001:User Name:/newhome:/bin/bash
保存并退出文本编辑器,现在,新设置的主目录已经生效,可以使用以下命令验证:
echo $HOME
锁定上传目录
1、创建锁定目录
要锁定上传目录,首先需要创建一个用于存放锁定文件的目录,创建一个名为upload_locks
的目录:
sudo mkdir /var/lock/upload_locks
2、修改权限
为了确保只有特定用户可以访问锁定目录,需要修改其权限,使用以下命令将权限设置为仅允许特定用户(如www-data
)访问:
sudo chown www-data:www-data /var/lock/upload_locks sudo chmod 770 /var/lock/upload_locks
3、编写锁定脚本
接下来,需要编写一个脚本来处理文件上传时的锁定操作,创建一个名为upload_lock.sh
的文件,并将以下内容粘贴到文件中:
!/bin/bash
LOCKFILE="/var/lock/upload_locks/$1.lock"
if [ -f "$LOCKFILE" ] && kill -0 cat $LOCKFILE
; then
echo "File is locked by another process" >&2
exit 1
fi
touch "$LOCKFILE" && echo $$ > $LOCKFILE && trap "rm -f \"$LOCKFILE\"; exit 1" INT TERM EXIT && while true; do sleep 10; done & wait $! && rm -f "$LOCKFILE" || exit 1
4、设置文件权限和所有者
为了使脚本可执行,需要设置其权限和所有者,使用以下命令:
sudo chmod +x upload_lock.sh sudo chown www-data:www-data upload_lock.sh
5、修改上传脚本
需要修改实际的文件上传脚本,以便在上传文件时使用锁定功能,如果使用的是Apache服务器,可以编辑/etc/apache2/envvars
文件,将以下行:
ALIAS_MAPS="$HOME/aliases" ASCTIMEOUT="300" ENVIRONMENT="$HOME/environment" FASTCGI_PATH="$HOME/fcgi-bin" GATEWAY_INTERFACE="CGI/1.1" GSOCKET="/run/wsgi" LOGIN_ATTEMPTS_MAX="5" PATH="$PATH:$HOME/bin" PIDFILE="$HOME/httpd.pid" RUN_USER="www-data" RUN_GROUP="www-data" USERNAME="www-data" or any other user you want to use for file uploads. DO NOT use root! SELinux will block the upload if you do! UID and GID must match those of the user in the passwd file. If you have a custom user, make sure it has the same UID and GID as the user in the passwd file. You can check this with the id command. LANG="en_US.UTF-8" or any other language you want to use for file uploads. The default is en_US.UTF-8. SOCKET="/run/apache2/httpd.sock" or any other socket you want to use for file uploads. The default is /run/apache2/httpd.sock. APACHE_PID_FILE="$APACHE_RUN_DIR/httpd.pid" or any other PID file you want to use for file uploads. The default is /var/run/apache2/httpd.pid. APACHE_RUN_USER="www-data" or any other user you want to use for file uploads. DO NOT use root! SELinux will block the upload if you do! UID and GID must match those of theuser in the passwd file. If you have a custom user, make sure it has the same UID and GID as the user in the passwd file. You can check this with the id command." 改为: ALIAS_MAPS="$HOME/aliases" ASCTIMEOUT="300" ENVIRONMENT="$HOME/environment" FASTCGI_PATH="$HOME/fcgi-bin" GATEWAY_INTERFACE="CGI/1.1" GSOCKET="/run/wsgi" LOGIN_ATTEMPTS_MAX="5" PATH="$PATH:$HOME/bin" PIDFILE="$HOME/httpd.pid" RUN_USER="www-data" RUN_GROUP="www-data" USERNAME="www-data" or any other user you want to use for file uploads. DO NOT use root! SELinux will block the upload if you do! UID and GID must match those of the user in the passwd file. If you have a custom user, make sure it has the same UID and GID as the user in the passwd file. You can check this with the id command. LANG="en_US.UTF-8" or any other language you want to use for file uploads. The default is en_US.UTF-8. SOCKET="/run/apache2/httpd.sock" or any other socket you want to use for file uploads. The default is /run/apache2/httpd.sock. APACHE_PID_FILE="$APACHE_RUN_DIR/httpd.pid" or any other PID file you want to use for file uploads. The default is /var/run/apache2/httpd.pid. APACHE_RUN_USER="www-data" or any other user you want to use for file uploads. DO NOT use root! SELinux will block the upload if you do! UID and GID must match those of theuser in the passwd file. If you have a custom user, make sure it has the same UID and GID as the user in the passwd file. You can check this with the id command." 改为: ALIAS_MAPS="$HOME/aliases" ASCTIMEOUT="300" ENVIRONMENT="$HOME/environment" FASTCGI_PATH="$HOME/fcgi-bin" GATEWAY_INTERFACE="CGI/1.1" GSOCKET="/run/wsgi" LOGIN_ATTEMPTS_MAX="5" PATH="$PATH:$HOME/bin" PIDFILE="$HOME/httpd.pid" RUN_USER="www-data" RUN_GROUP="www-data" USERNAME="www-data" or any other user you want to use for file uploads. DO NOT use root! SELinux will block the upload if you do! UID and GID must match those of the user in the passwd file. If you have a custom user, make sure it has the same UID and GID as the user in the passwd file. You can check this with the id command." APACHE_PID_FILE="/var
原创文章,作者:K-seo,如若转载,请注明出处:https://www.kdun.cn/ask/199887.html